The fallout from the NSA Affair and Snowden's leaks continue, with revelations that Angela Merkel's mobile phone was hacked causing worldwide headlines (though there's been some criticism of Merkel for taking so long over these allegations, and indications that the NSA has been spying on German citizens, seriously, as Der Standard pointedly notes with the headline "Und ploetzlich ist es ein Problem" ["And suddenly it is a problem"]). The Guardian is reporting that the number of tapped heads of government is probably much higher, and the European Council has finally been roused too - it turns out that prime ministers don't like to be spied on. Now everything from the halting of data-sharing agreements to cancelling the free trade talks is on the table (after all, it's much harder to negotiate if you're being spied on).
The European Parliament has also signalled its displeasure, voting for a motion calling for the end of the SWIFT agreement. It's not binding, and the Commission has responded by stating that there is no indication of wrong-doing under the SWIFT Agreement (or "Terrorist Financial Tracking Programme" - PDF). Parliament's issues with SWIFT aren't new to the NSA revelations, however. After a troubled birth (the Parliament voted down the first agreement before passing the second after lobbying from Vice-President Joe Biden), last year the report before Parliament on the implementation of the safeguards in the agreement caused disquiet - it turned out that the full report wasn't even made available to MEPs to review. (Notably, the European Data Protection Supervisor had criticised some of the key provisions of the draft SWIFT Agreement).
The Commission has said that the agreement has effective safeguards, and that it's waiting on the response to a request for reassurances from the US. It's not planning to suspend the agreement.
Martin Schulz, the President of the European Parliament has also said that the free trade talks with the US should be suspended in the light of the spying affair.
The most notable moves, though, probably come over the draft Data Protection Regulation. The European Parliament has adopted its position on the law this week, which has hardened. The subject of intense lobbying, the biggest impact of the Snowden-leak was to reverse the watering down of the proposed law, with the security of citizens' data in the hands of US companies a key concern. The bill still has a long way to go, and it has to be agreed with the Council before it can be signed into law.
But what does this all add up to? At the end of this week the EU still transfers the same kind of data to the US as at the start, and there is little coherence in the EU's position. Most demands amount to the suspension of agreements or negotiations, and it will take a while to see what actually comes out of this. If we are ever going to see better data protection standards and a more regulated approach to intelligence and police work, we have to have clear standards and guidelines on how we shape these laws. When it comes to the EU, a proper regard for the necessity and proportionality of proposed security laws within the EU and agreements with third countries has to be stressed. And the Commission must drop its deference of the security services if it is to enforce and monitor agreements - or even draw up laws.